'Externalizing authorization brings consistency and repeatability to security architectures. Application development teams who can abstract this complexity from their code innovate more quickly and more securely.' -Bill LeBlanc, CTO, Ionic Security | Announcement: Ionic Security Recognized in Gartner Hype Cycle for Identity and Access Management Technologies, 2020 as a Sample Vendor for Externalized Authorization Management

Ionic Security Recognized in Gartner Hype Cycle for Identity and Access Management Technologies, 2020 as a Sample Vendor for Externalized Authorization Management

ATLANTA, Aug. 5, 2020 — Ionic Security, a leading provider of unified data security and access control solutions, today announced that it has been identified as a Sample Vendor in the Gartner Hype Cycle for Identity and Access Management Technologies, 2020 in the Externalized Authorization Management (EAM) category.[1]

The company has also been listed as a Sample Vendor in the Gartner Hype Cycle for Cloud Security, 2020, Hype Cycle for Data Security, 2020 and Hype Cycle for Privacy, 2020.[2][3][4] We believe this recognition is validation of where Ionic sits at the intersection of security and privacy in the digital world.

Gartner states “Externalized authorization management (EAM) provides runtime controls, including policy management, policy enforcement, and decision modeling for fine-grained authorization to infrastructure, applications, services, transactions and data.”

“Authorization is critical to ensuring least-privilege access to data and services across your infrastructure,” said Bill LeBlanc, CTO of Ionic Security, “Externalizing authorization brings consistency and repeatability to security architectures. Application development teams who can abstract this complexity from their code innovate more quickly and more securely.”

Attribute-based access controls enforced at runtime are hallmarks of EAM solutions, in contrast to the coarser role-based controls native to access management tools. The dynamic granularity enabled by EAM solves a wide variety of security and access control use cases across multiple industries.

Market drivers like evolving policy standards and regulatory compliance mandates are driving urgency around many diverse use cases that companies need to start addressing now. For example, fine-grained controls around country of origin became required with the advent of privacy regulations like the General Data Protection Regulation (GDPR), and the recent invalidation of the EU-US Privacy Shield heralds even greater scrutiny and consequences.

“The rapid shift to remote workforces has accelerated cloud adoption, but more data in the cloud exposes organizations and their supply chains to regulatory and security risks,” said Eric Hinkle, CEO of Ionic Security. “In our opinion, Gartner’s recognition of externalized authorization management — and Ionic as a Sample Vendor — reinforces our ability to address these risks with centrally managed, programmatically enforced policy.”

As one of ten Sample Vendors named in the Externalized Authorization Management category in the Hype Cycle for Identity and Access Management Technologies, 2020 report, Ionic brings what we believe is a uniquely data-centric approach with MachinaTM, a dynamic authorization engine coupled with an attribute store that ties together the identities of data, services, and users, plus a scalable key management system protecting data at rest and in transit.

Machina Architecture Diagram shows solution components: Policy, Attributes, Decision, Console, and Tools. In a single, highly-automated framework, Machina combines all the solution components required to scale data protection – across clouds, environments, applications, and data silos. Policy: A framework for storing and retrieving rich, contextual data access policies leveraging attribute-based access control (ABAC) – federated across identities, resources, data stores, applications, and workloads. Attributes: Intelligent system that couples a rich set of user, device, service, and data attributes with automated machine-scale key management - independent of applications, scalable to trillions of keys, and fully controlled by your organization. Decision: An API-driven service layer that enables just-in-time enforcement of data access policies – by evaluating user, device, service, environment, and data attributes, to determine whether to allow or deny the request. Console: An interface providing configuration, auditing, and analytics capabilities for policies, as well as comprehensive, real-time visibility into how users are accessing and handling sensitive data, over the lifetime of every data element. Tools: A robust set of developer tools (SDKs and APIs) provides easy-to-use integration between Machina data protection services and their diverse applications, enabled with only a few lines of code (or with Connectors, i.e.: Machina SDK Connectors for AWS, GCP, and Azure). Attributes can be pulled from external Policy Information Points such as IdP, DLP, CASB, and others. Data logs can be exported from the Console to SIEMs.
Machina Architecture

Agnostic to data or resource type, Machina can secure objects at any granularity, in any environment, with full visibility into every transaction to provide proof of compliance. Developers can get started with Machina SDKs and APIs through an easy onboarding process, using just a few lines of code to externalize complex authorization logic. This represents a clear return on investment for application development teams and for security, risk and compliance teams, who can now enforce granular policy consistently from a central management plane.

[1] Gartner, “Hype Cycle for Identity and Access Management Technologies, 2020,” Ant Allen, July 16, 2020 (Gartner subscription required).

[2] Gartner, “Hype Cycle for Cloud Security, 2020,” Steve Riley, Jay Heiser, & Tom Croll, July 17, 2020.

[3] Gartner, “Hype Cycle for Data Security, 2020,” Brian Lowans, July 24, 2020

[4] Gartner, “Hype Cycle for Privacy, 2020,” Bernard Woo, Bart Willemsen, 23 July 2020


Gartner Disclaimer

Gartner does not endorse any vendor, product or service depicted in our research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About Ionic Security

Ionic empowers clients to future-proof their organizations and accelerate innovation by unifying data security and access controls, regardless of where they are in their journey to the cloud. Machina is the only context-based authorization engine that delivers dynamic, granular policy enforcement against a rich set of identity and data attributes, all backed by a scalable key management service with full spectrum visibility into a single, unified system of record.

With over two million licensed users in Fortune 500 companies, government agencies, and a growing grassroots developer community, the unique ecosystem relationships of Ionic dramatically accelerate cloud migration and multi-cloud deployments, creating value for enterprises driving their security strategy. Learn more at ionic.com, or connect on LinkedIn or Twitter.

Share this Article
Press Release Links